View/Open

Date

Author

Metadata

Abstract

Phase-change Random Access Memory (PRAM) is an emerging memory technology for future computing systems. It is nonvolatile
and has a faster read latency and potentially higher storage density than other memory alternatives. Recently, system
researchers have studied the trade-off of using PRAM to back up a DRAM cache as a last level memory or to implement it in a
hybrid memory architecture. The main roadblock preventing PRAM from commercially viable, however, is its much lower write
endurance. Several recent proposals attempted to address this issue by either reducing PRAM's write frequency or using wearleveling
techniques to evenly distribute PRAM writes. Although the lifetime of PRAM could be extended by these techniques under
normal operations of typical applications, most of them do not prevent a malicious code deliberately designed to wear it out.
Furthermore, all of these prior techniques failed to consider the circumstances when a compromised OS is present and its security
implication to the overall PRAM design. A compromised OS, (e.g., via simple buffer over ow) will allow adversaries to manipulate
all processes and exploit side channels easily, accelerating the wear-out of targeted PRAM blocks and rendering a dysfunctional
system. In this paper, we argue that a PRAM design not only has to consider normal wear-out under conventional application behavior, most importantly, it must take the worst-case scenario into account with the presence of malicious exploits and a compromised
OS. Such design consideration will address both the durability and security issues of PRAM simultaneously. Toward this goal, in
this work, we propose a novel, low-cost hardware mechanism called Security Refresh. Similar to the concept of protecting charge
leak from DRAM, Security Refresh prevents information leak by constantly migrating its physical location (thus refresh) inside
PRAM, obfuscating the actual data placement from users and system software. It uses a dynamic randomized address mapping
scheme, which swaps data between random PRAM blocks using random keys generated by thermal noise upon each refresh due.
The hardware is extremely low-cost without using any table. We presented two implementation alternatives and showed their tradeoff
and respective wear-out endurance. For a given con guration, we show that the optimal lifetime of a PRAM block (256B) is 8
years. In addition, we showed the performance impact of Security Refresh is mostly negligible.